我已经用symfony 2.8构建了一个网站,我使用FOSUserBundle进行身份验证,用户管理等,我有一个问题我可以解决。 对于我来说没有明显的理由,记住"记住" cookie不会像预期的那样表现出来。
我很确定我在某种程度上错过了配置参数,但是我几小时都在寻找它并且无法找到它。
我在apache 2.0服务器上使用php 7.0。
有我的config.yml文件(大部分):
framework:
#esi: ~
translator: { fallbacks: ["%locale%"] }
secret: "%secret%"
router:
resource: "%kernel.root_dir%/config/routing.yml"
strict_requirements: ~
form: ~
csrf_protection: ~
validation: { enable_annotations: true }
#serializer: { enable_annotations: true }
templating:
engines: ['twig']
default_locale: "%locale%"
trusted_hosts: ~
trusted_proxies: ~
session:
# handler_id set to null will use default session handler from php.ini
handler_id: ~
save_path: "%kernel.root_dir%/sessions/"
fragments: ~
http_method_override: true
...
fos_user:
db_driver: orm
firewall_name: main
user_class: UserBundle\Entity\User
from_email:
address: "%email_referer%"
sender_name: "App"
group:
group_class: UserBundle\Entity\Group
group_manager: sonata.user.orm.group_manager
resetting:
email:
template: :mail:resetting_password.html.twig
service:
mailer: fos_user.mailer.twig_swift
user_manager: sonata.user.orm.user_manager
还有我的security.yml:
security:
encoders:
FOS\UserBundle\Model\UserInterface: sha512
role_hierarchy:
ROLE_CHAMPION: [ROLE_USER]
ROLE_ENTREPRISE: [ROLE_USER]
ROLE_ADMIN: [ROLE_USER, ROLE_SONATA_ADMIN, ROLE_A, ROLE_B]
ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
SONATA:
- ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT
providers:
fos_userbundle:
id: fos_user.user_manager
firewalls:
admin:
pattern: ^/admin
context: user
form_login:
provider: fos_userbundle
login_path: login
use_forward: true
check_path: sonata_user_admin_security_check
failure_path: null
default_target_path: sonata_admin_dashboard
logout:
path: sonata_user_admin_security_logout
target: homepage
invalidate_session: false
anonymous: true
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: .*
context: user
form_login:
provider: fos_userbundle
login_path: login
use_forward: false
check_path: /login_check
failure_path: null
csrf_token_generator: security.csrf.token_manager
default_target_path: profile
logout:
path: logout
target: homepage
invalidate_session: false
anonymous: true
remember_me:
secret: '%secret%'
lifetime: 15724800 # 6 months
path: /
domain: ~
secure: true
access_control:
# Some public pages
- { path: ^/$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/cgu$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/cgv$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/contact$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/faq$, role: IS_AUTHENTICATED_ANONYMOUSLY }
# URL of FOSUserBundle which need to be available to anonymous users
- { path: ^/connexion, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
# Admin login page needs to be accessed without credential
- { path: ^/admin/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/logout$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/login_check$, role: IS_AUTHENTICATED_ANONYMOUSLY }
# - { path: ^/admin/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
# Admin
- { path: ^/admin/, role: [ROLE_ADMIN, ROLE_SONATA_ADMIN] }
# Partie connectée
- { path: ^/, role: IS_AUTHENTICATED_REMEMBERED }
acl:
connection: default
编辑:
我做了一些测试,看来我的REMEMBERME cookie没有被删除,它仍然在这里,与之前的startdate和enddate相同。
所以,我可以关闭并打开我的浏览器,cookie仍然在这里,当我这样做时,我仍然经过身份验证(并且可以转到管理员)。但是,当我只是待在"闲置"在一段时间内,我想访问管理部分,我被重定向到登录页面。 REMEMBERME cookie仍然存在,但此时,我无法访问我在启动浏览器时可以访问的页面。
编辑2: 会话生命周期似乎是"原因"我的问题。但我想要的是当用户检查"记住我"选项他不再需要再次登录,即使他在后台保持我网站的标签打开x天(就像移动浏览器一样)。我怎么能这样做?
编辑16/08/2017: 我在security.yml文件中添加了一行: 域名:〜 看来这条线使系统工作。使用Chrome和Firefox的计算机上不再检测到此问题(如果这两个中的一个正在使用我的Cookie)。
PS:我会在几天内更新这张票,以及#34;验证"它,如果问题不再出现。
答案 0 :(得分:3)
我认为你在谈论你的会话生命周期而不是记住我的功能。
在config.yml中,您可以将框架配置为使用自定义会话生存期。
import Foundation
import CoreData
func listPropertiesFrom(entity: NSEntityDescription) {
print("========== Properties from entity \"\(entity.name!)\" ============")
for property in entity.properties {
print(property)
}
}
class Rect: NSManagedObject {
}
class Base: NSManagedObject {
@NSManaged var rect: Rect
}
class Child: Base {
}
// ----------- Define Rect ----------
let rectEntity = NSEntityDescription()
rectEntity.name = "rect"
rectEntity.managedObjectClassName = "Rect"
// ----------- Define Base -----------
let baseEntity = NSEntityDescription()
baseEntity.name = "base"
baseEntity.managedObjectClassName = "Base"
baseEntity.isAbstract = true
let rectRelation: NSRelationshipDescription = NSRelationshipDescription()
rectRelation.name = "rect"
// >>>>>>>>>>> Error: This becomes nil in the child! >>>>>>>>>>>
rectRelation.destinationEntity = rectEntity
rectRelation.minCount = 1
rectRelation.maxCount = 1
rectRelation.isOptional = false
rectRelation.deleteRule = NSDeleteRule.cascadeDeleteRule
baseEntity.properties = [rectRelation]
// ----------- Define Child ------------
let childEntity = NSEntityDescription()
childEntity.name = "child"
childEntity.managedObjectClassName = "Child"
baseEntity.subentities.append(childEntity)
// No own properties! All inherited!
// -----------
listPropertiesFrom(entity: baseEntity)
listPropertiesFrom(entity: childEntity)
如果未设置此配置,将使用php.ini中的值。
希望它有所帮助。
答案 1 :(得分:0)
问题不再出现,解决方案似乎是"域"参数:
domain: ~